TitanHide
dokany
Our great sponsors
Stars - the number of stars that a project has on GitHub. Growth - month over month growth in stars.
Activity is a relative number indicating how actively a project is being developed. Recent commits have higher weight than older ones.
For example, an activity of 9.0 indicates that a project is amongst the top 10% of the most actively developed projects that we are tracking.
TitanHide
-
How do I debug software that detaches as soon as I attach the debugger
If the poster is using x64dbg, there is another great alternative to ScyllaHide which is SharpOD, get the original files here (chinese website cause chinese author, just use google translate plugin in your browser). Where it really shines through is to remain undetected when ScyllaHide fails to do so, especially when the malware is packed by newer packers like VMProtect 3.5 (very annoying). If that's not enough too, check out TitanHide (risky), also an anti anti debugger but requires disabling PatchGuard beforehand (MUST use virtual machine).
dokany
-
Projected File System
It's not really the same though. A Projected File System copies the files from the backing store to somewhere on the local file system when requested and then performs IO normally on the local files.
For an actual implementation of userspace filesystems on Windows see dokany: https://github.com/dokan-dev/dokany
-
Tutorial fo unlimited backup solution in these trying times with Backblaze, Raidrive and Dokany
Now that you are inside the Mirror folder with cmd, let’s start the Mirror function to attach a NAS or cloud folder as a local disk in order to get recognized by the BB client and be backed up. Write something like (read the dokany documentation for more details here): mirror.exe /r x:\ /l m , where x:\ should be the letter of the folder attached with Raidrive and m:\ the letter you want to assign to the new local disk.
-
Ask HN: What are some good resources for learning about low level disk/file IO?
I lead a project that included shipping a filesystem driver and a virtual disk on Windows.
What I did to learn the lower-level APIs, and perform initial testing on the driver, was write a "mirror" drive. The user-mode code pointed to a folder on disk, the driver made a virtual disk drive, and all reads and writes in the virtual disk drive went to the mirror folder.
On Windows, you can implement something like that using Dokany, Dokan, or Winfsp. On linux, there's the Fuse API. On Mac, there's MacFUSE.
Even if you don't do a "mirror" drive, understanding the callbacks that libraries like Dokany, Dokan, Winfsp, and Fuse do helps you understand how IO happens in the driver. Many IO methods provided in popular languages provide abstractions above what the OS does. (For example, the Windows kernel has no concept of the "Stream" that's in your C# program. The "Stream"'s Position property is purely a construct within the .Net framework.)
https://dokan-dev.github.io/
https://github.com/dokan-dev/dokany
https://osxfuse.github.io/
Another place to start is the OS's documentation itself. For example, you can start with Window's CreateFileA function. This typically is what gets called "under the hood" in most programming languages when you open or create a file: https://learn.microsoft.com/en-us/windows/win32/api/fileapi/...
-
Add USB connected phone as video source
You'll need this ressource installed in 1.X version to make it work : https://github.com/dokan-dev/dokany
-
Cheapest Way to Backup 40TB to Backblaze
Potentially no need to buy any hardware https://github.com/dokan-dev/dokany/wiki/Use-Mirror-example
- using back blaze personal? backing up nas?
- Error when trying to unlock any vault
- User mode file system library for windows with FUSE Wrapper
-
Cryptomator and Windows 11 - Experiences?
Yeah, I had an issue and had to downgrade the Dokan Library. I downloaded from here.
- ceph-dokan mount issues. Looking for the right place to ask questions.
What are some alternatives?
ScyllaHide - Advanced usermode anti-anti-debugger. Forked from https://bitbucket.org/NtQuery/scyllahide
winfsp - Windows File System Proxy - FUSE for Windows
Detect-It-Easy - Program for determining types of files for Windows, Linux and MacOS.
Cryptomator - Multi-platform transparent client-side encryption of your files in the cloud
WSAAcceptBackdoor - Winsock accept() Backdoor Implant.
reactos - A free Windows-compatible Operating System
opendragon - Open Redragon drivers for Linux. Currently only supporting some mice.
fuse-overlayfs - FUSE implementation for overlayfs
r77-rootkit - Fileless ring 3 rootkit with installer and persistence that hides processes, files, network connections, etc.
ifuse - A fuse filesystem to access the contents of iOS devices
udmabuf - User space mappable dma buffer device driver for Linux.
fatx - Original Xbox FATX Filesystem Library, Python bindings, FUSE driver, and GUI explorer